Crime crew impersonates help desk, abuses Microsoft Teams to steal your data

A previously unknown threat group using tried-and-tested social engineering tactics - Microsoft Teams chat invitations and ...
i-SCOOP

DeepSeek V4 puts 1M context and low cost at the center of the open model race

DeepSeek V4 arrives in Pro and Flash variants with a 1M token context window, lower inference costs, and a stronger push into ...

Google issues new 'warning' in Microsoft Teams chat invitations and helpdesk scam

Cybercriminals are now leveraging Microsoft Teams, posing as IT helpdesk staff, to trick employees into revealing credentials ...

DeepSeek-V4 arrives with near state-of-the-art intelligence at 1/6th the cost of Opus 4.7, GPT-5.5

DeepSeek's quest to keep frontier AI models open is of benefit to the entire planet of potential AI users, especially ...

OpenAI teases GPT-5.5 model upgrade for ChatGPT in cryptic message

OpenAI is expected to be nearing an announcement around GPT-5.5, its next model upgrade to ChatGPT. A cryptic post ...

Top open source PyPI package with over 1 million downloads each month hacked to send out malware

This was not a case of stolen credentials, but rather of vulnerability exploitation.
Security Boulevard

Attacking the MCP Trust Boundary

Every secure API draws a line between code and data. HTTP separates headers from bodies. SQL has prepared statements. Even email distinguishes the envelope from the message. The Model Context Protocol ...
Hosted on MSN

Popular PyPI package hacked to deliver infostealing malware

A widely used open-source PyPI package, elementary-data, was compromised in a targeted attack that inserted infostealer malware via a GitHub Actions vulnerability. The malicious update, version 0.23.3 ...

Critical vulnerability in Ruby's standard library ERB:attackers can execute code

The Ruby vulnerability is not easy to exploit, but allows an attacker to read sensitive data, start code, and install ...